Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/0iUNJl4F5A24BoU2MmGLdEkB2ro.roa
File:                     0iUNJl4F5A24BoU2MmGLdEkB2ro.roa (raw, json)
Hash identifier:          p6SExFY8OSuEW4m9uTY4DxVIVKebWcCKXA+kCHZj6fk=
Subject key identifier:   D2:25:0D:26:5E:05:E4:0D:B8:06:85:36:32:61:8B:74:49:01:DA:BA
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       01849ABAAF7B234002C31FB66F269D0E82EA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/0iUNJl4F5A24BoU2MmGLdEkB2ro.roa
Signing time:             Mon 21 Nov 2022 15:07:16 +0000
ROA not before:           Mon 21 Nov 2022 15:07:16 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     212912
IP address blocks:        193.105.165.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:9a:ba:af:7b:23:40:02:c3:1f:b6:6f:26:9d:0e:82:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Nov 21 15:07:16 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=d2250d265e05e40db806853632618b744901daba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6c:17:d2:2d:fb:16:4a:04:9a:47:d1:70:af:
                    6e:4e:13:10:28:70:99:49:73:a8:3a:ea:26:9f:0b:
                    39:5d:01:49:92:52:a1:cb:1a:8d:7d:bc:99:78:ff:
                    62:11:96:d8:ca:ba:c0:23:37:82:15:99:0c:51:5e:
                    bf:50:70:02:8a:79:6b:50:05:bd:53:f3:01:93:58:
                    1d:9b:cb:d4:e7:2a:d6:cd:3a:c2:dd:da:91:c2:a3:
                    69:4c:d4:2a:ae:44:d2:ea:f9:f3:99:19:58:22:9e:
                    d1:9f:85:fc:10:d8:f5:a8:07:af:a3:d6:e5:b7:bc:
                    56:40:62:4b:6a:19:79:eb:79:46:81:c9:3b:4b:79:
                    e8:d1:60:b3:9a:3f:f7:24:bb:0f:15:63:4e:1c:cd:
                    00:e7:75:ea:4c:5d:0d:19:5f:07:06:f5:b9:b4:7a:
                    e2:20:c2:e6:55:09:9d:fa:30:46:62:87:4b:80:4e:
                    b3:62:0d:ce:7f:72:47:03:a3:ed:e5:d1:1b:be:4d:
                    a3:76:10:8d:09:8f:76:87:f4:a3:d9:59:67:b6:44:
                    b2:67:c0:78:40:d8:db:c5:01:a6:c2:cc:5b:a9:63:
                    16:d2:ab:7c:24:f4:a7:bc:3d:1b:74:07:20:d4:79:
                    aa:cb:65:97:1a:3d:a0:c7:bb:59:0d:36:95:33:38:
                    e2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:25:0D:26:5E:05:E4:0D:B8:06:85:36:32:61:8B:74:49:01:DA:BA
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/0iUNJl4F5A24BoU2MmGLdEkB2ro.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.105.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:a2:5d:7f:7d:df:2d:5e:a7:e4:79:0a:ec:62:eb:42:5d:b4:
         d8:ac:65:94:62:a9:0f:ef:67:9a:b8:ed:4a:6d:9b:2d:74:e1:
         7e:4b:85:17:41:13:2e:f7:50:65:04:3b:2a:1d:98:cb:d2:73:
         d7:25:f9:46:ae:10:5f:2f:11:a0:68:bf:55:80:5b:33:93:d8:
         86:da:7c:fe:bd:a0:4c:3c:d8:fa:5b:40:ef:a3:bd:49:59:33:
         f9:8d:9a:08:43:f8:de:25:11:78:96:e4:74:8f:51:3a:41:89:
         13:0a:d5:75:73:cb:5a:fa:f6:67:29:1d:f4:ec:44:5e:db:16:
         98:4e:61:b9:b8:e2:a5:a3:5e:91:f7:2e:43:b7:dd:fc:9e:d3:
         5f:98:c6:cd:4b:56:b6:15:eb:1d:8d:89:f4:25:37:83:3a:0c:
         d2:2c:62:d9:dd:a8:4d:c6:9d:e6:54:6b:c1:ae:a9:57:ce:13:
         97:a8:5f:fa:0a:20:2c:87:8b:69:c0:40:cf:7b:0b:1a:e1:a3:
         b5:9c:78:1e:e9:12:a4:59:52:71:5c:e7:d0:b7:33:a1:ff:a8:
         87:a0:09:85:1f:58:3e:98:ff:fa:64:71:94:d5:f2:04:af:cc:
         aa:97:52:a7:89:93:8a:3f:d6:a3:e2:1a:16:fc:c1:6d:07:d0:
         6a:86:b8:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSauq97I0ACwx+2byadDoLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTIxMTUwNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI1MGQyNjVlMDVlNDBkYjgwNjg1MzYzMjYxOGI3NDQ5MDFkYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomwX0i37FkoEmkfRcK9uThMQKHCZ
SXOoOuomnws5XQFJklKhyxqNfbyZeP9iEZbYyrrAIzeCFZkMUV6/UHACinlrUAW9
U/MBk1gdm8vU5yrWzTrC3dqRwqNpTNQqrkTS6vnzmRlYIp7Rn4X8ENj1qAevo9bl
t7xWQGJLahl563lGgck7S3no0WCzmj/3JLsPFWNOHM0A53XqTF0NGV8HBvW5tHri
IMLmVQmd+jBGYodLgE6zYg3Of3JHA6Pt5dEbvk2jdhCNCY92h/Sj2VlntkSyZ8B4
QNjbxQGmwsxbqWMW0qt8JPSnvD0bdAcg1Hmqy2WXGj2gx7tZDTaVMzjibQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIlDSZeBeQNuAaFNjJhi3RJAdq6MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMGlVTkpsNEY1QTI0Qm9VMk1tR0xkRWtCMnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWmlMA0G
CSqGSIb3DQEBCwUAA4IBAQCeol1/fd8tXqfkeQrsYutCXbTYrGWUYqkP72eauO1K
bZstdOF+S4UXQRMu91BlBDsqHZjL0nPXJflGrhBfLxGgaL9VgFszk9iG2nz+vaBM
PNj6W0Dvo71JWTP5jZoIQ/jeJRF4luR0j1E6QYkTCtV1c8ta+vZnKR307ERe2xaY
TmG5uOKlo16R9y5Dt938ntNfmMbNS1a2FesdjYn0JTeDOgzSLGLZ3ahNxp3mVGvB
rqlXzhOXqF/6CiAsh4tpwEDPewsa4aO1nHge6RKkWVJxXOfQtzOh/6iHoAmFH1g+
mP/6ZHGU1fIEr8yql1KniZOKP9aj4hoW/MFtB9BqhrgI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org